Job Description

About the role This is a rare opportunity to build our Security Operations & Incident Response function from the ground up. We are looking for a foundational leader to apply elite-level security practices to protect our clients' mission-critical systems. You will architect our managed security services, lead high-stakes incident response, and establish the core of our security practice. This is a hands-on role for a classic security expert passionate about tackling complex threats in modern, cloud-native environments. Architect and build our managed Security Operations (SOC) and Incident Response (IR) services, focusing on cloud-native (AWS, GCP, Azure) and SaaS environments. Lead complex, end-to-end incident response investigations for sophisticated attacks against cloud infrastructure, web applications, and corporate networks. Perform deep digital forensics on hosts (Windows, Linux) and networks to determine root cause, scope, and impact. Develop and operationalize robust IR playbooks, detection rules, and security monitoring strategies for enterprise-grade systems. Evaluate, deploy, and manage a best-in-class security toolchain centered around SIEM/SOAR platforms. Serve as the primary technical advisor to clients during security crises, providing clear guidance and direction. Recruit and mentor a team of security experts as the function grows. Requirements: 5+ years of hands-on experience in Digital Forensics & Incident Response (DFIR), leading complex investigations in enterprise environments. 2+ years in a leadership role with experience building security processes and mentoring technical teams. Expert-level knowledge of cloud security principles and incident response in at least one major cloud provider (AWS, GCP, or Azure). Deep understanding of modern attack vectors, MITRE ATT&CK, and TTPs targeting web applications and cloud infrastructure. Proven experience deploying, managing, and creating detections for SIEM/SOAR solutions (e.g., Splunk, Sentinel, QRadar). Excellent communication skills, with the ability to advise both technical and executive audiences. Advantages: Familiarity with blockchain fundamentals and the unique security challenges of the Web3/DeFi ecosystem. Experience with on-chain analysis or blockchain forensic tools. Proficiency in scripting languages like Python or Go for security automation. Experience with malware reverse engineering. We are Customer Centric , when we commit, the customer knows we will deliver in a quality and timely manner. We Move Fast - we’re looking for people with abias for action and a sense of urgency to achieve quick results while we also Break Nothing – we have high-quality standards, we are looking for people who are professional and hold themselves accountable. We win as a Team – our teams are distributed around the world.We understand our individual roles and commit to the team's goals. We have a positive “can do” attitude. We support each other and are encouraged to ask for help and collaborate. We enable people to grow by clarifying expectations and giving candid feedback and on-the-job development opportunities. We welcome collaboration both internally and externally for outstanding delivery. We are Pioneers inDeFi security and FV experts - we are one of the best companies to help developers and security researchers secure Web3 but we’re humble and always eager to learn more. Certora provides you a wonderful opportunity to: Work on cutting-edge technology and challenging problems at the forefront of Web3 applications and technologies Contribute to unique formal verification technology, the leading way to ensure the behavior of any type of software Experience a friendly creative start-up environment with top talent in the domain Work in a fast-paced and supportive culture: we move fast and break nothing! Enjoy flexible work (remote / hybrid) #J-18808-Ljbffr Certora

Job Tags

Similar Jobs